weca-2024.reg.buzz Open in urlscan Pro
2606:4700:10::ac43:1a94  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request investor-guest Show response weca-2024.reg.buzz/	14 KB 4 KB	596ms 536ms	Document text/html	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 349b12a83bbb7747d5029469c8b478d8f8e5d7ef5410c60b176de867fd735a45 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control private, must-revalidate cf-cache-status DYNAMIC cf-ray 8c506205f87c9019-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 18 Sep 2024 09:41:54 GMT expires -1 pragma no-cache server cloudflare
GET H2	200	app.css weca-2024.reg.buzz/css/	363 KB 63 KB	70ms 69ms	Stylesheet text/css	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weca-2024.reg.buzz/css/app.css?id=94a5e6aad1be3a6002f5 Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a4d3e745fcd5cf5740576c7536df4ba70505c5ee237138894c95f893cfb9a4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Response headers cache-control max-age=14400 content-encoding br cf-cache-status HIT etag W/"66c31ce9-5aa39" cf-ray 8c5062096b249019-FRA date Wed, 18 Sep 2024 09:41:54 GMT content-type text/css last-modified Mon, 19 Aug 2024 10:22:33 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	system_logo.jpg livebuzz.blob.core.windows.net/livebuzz-production/clarion-events/world-energy-capital-assembly-2024/stream/b7b94b8e-fd71-11ee-82fc-000000000000/system/	27 KB 27 KB	186ms 51ms	Image image/jpeg	20.209.89.129 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://livebuzz.blob.core.windows.net/livebuzz-production/clarion-events/world-energy-capital-assembly-2024/stream/b7b94b8e-fd71-11ee-82fc-000000000000/system/system_logo.jpg?v=1713437621 Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.209.89.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 836b1ebf2b8263d132233c10c6537d7c2bf68a8b277a5fb08a2305a679824281 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers Content-MD5 jufDaJsMzAJh23t7kfHNog== x-ms-blob-type BlockBlob x-ms-version 2009-09-19 x-ms-lease-status unlocked ETag 0x8DC5F95CF5EE291 x-ms-request-id 6feda846-a01e-002c-78ae-09ec69000000 Content-Length 27665 Date Wed, 18 Sep 2024 09:41:54 GMT Content-Type image/jpeg Last-Modified Thu, 18 Apr 2024 10:53:41 GMT Vary Origin Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	livebuzz-logo-white.png weca-2024.reg.buzz/images/	16 KB 16 KB	89ms 89ms	Image image/png	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://weca-2024.reg.buzz/images/livebuzz-logo-white.png Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d544a70295c68ab2afffa517e94ded7f8ff4cfe80d87cd31326d3d32a84b6fac Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Response headers cache-control max-age=14400 cf-cache-status HIT etag "66c31ce9-4005" cf-ray 8c5062096b269019-FRA accept-ranges bytes content-length 16389 date Wed, 18 Sep 2024 09:41:54 GMT content-type image/png last-modified Mon, 19 Aug 2024 10:22:33 GMT vary Accept-Encoding server cloudflare
GET H3	200	polyfill.min.js Show response cdnjs.cloudflare.com/ajax/libs/babel-polyfill/6.26.0/	102 KB 29 KB	67ms 34ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/babel-polyfill/6.26.0/polyfill.min.js Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03d6b-19873" age 580492 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwbAkIpXZqt6K%2FK%2BMBQz%2B67ZEPDgslgTgQI32ui4MuO55nWQsZAsp2Lnqttqo%2BIpDBOa3vdUNmP2RwgZQScwVqz0JLe6rwAWRNJ5FflGm8524K85I9H2cmZAycmBKSLCOgiiKyRc"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 08 Sep 2025 09:41:54 GMT alt-svc h3=":443"; ma=86400 date Wed, 18 Sep 2024 09:41:54 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 04 May 2020 16:06:03 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8c50620a4e8d8f31-FRA accept-ranges bytes access-control-allow-origin * content-length 29511 server cloudflare
GET H2	200	manifest.js Show response weca-2024.reg.buzz/js/	798 B 539 B	72ms 70ms	Script application/javascript	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weca-2024.reg.buzz/js/manifest.js?id=7999d63793f040b855fb Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c031aede63ad0b867914a6292f754719c6ccad7aa8b087268344d9bf01f302a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Response headers cache-control max-age=14400 content-encoding br cf-cache-status HIT etag W/"66c31ce9-31e" cf-ray 8c50620aac2f9019-FRA date Wed, 18 Sep 2024 09:41:55 GMT content-type application/javascript last-modified Mon, 19 Aug 2024 10:22:33 GMT vary Accept-Encoding server cloudflare
GET H2	200	vendor.js Show response weca-2024.reg.buzz/js/	590 KB 183 KB	169ms 168ms	Script application/javascript	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weca-2024.reg.buzz/js/vendor.js?id=9cbff8d8823b78fdf5f3 Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00e9223b015b4ea97679ed8f90737a0ca94f261b7064cb4886f61960fe26e84e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Response headers cache-control max-age=14400 content-encoding br cf-cache-status HIT etag W/"66c31ce9-937e2" cf-ray 8c50620aac309019-FRA date Wed, 18 Sep 2024 09:41:55 GMT content-type application/javascript last-modified Mon, 19 Aug 2024 10:22:33 GMT vary Accept-Encoding server cloudflare
GET H2	200	app.js Show response weca-2024.reg.buzz/js/	584 KB 153 KB	78ms 77ms	Script application/javascript	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weca-2024.reg.buzz/js/app.js?id=278f2cf26c4dce5b28f6 Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b3c50f44e658218ff8f8ba62cb31173d04eb9af95080380b40125ba8aa81fbe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Response headers cache-control max-age=14400 content-encoding br cf-cache-status HIT etag W/"66c31ce9-91e8e" cf-ray 8c50620aac329019-FRA date Wed, 18 Sep 2024 09:41:55 GMT content-type application/javascript last-modified Mon, 19 Aug 2024 10:22:33 GMT vary Accept-Encoding server cloudflare
GET H2	200	buzz.js Show response weca-2024.reg.buzz/js/	10 KB 4 KB	99ms 98ms	Script application/javascript	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weca-2024.reg.buzz/js/buzz.js?id=0a94103ecab8d590593c Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 264a91cfd902adde9f3b41d3841879293a612f13fc5cb9719bb43a17fac738e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Response headers cache-control max-age=14400 content-encoding br cf-cache-status HIT etag W/"66c31ce9-270c" cf-ray 8c50620aac339019-FRA date Wed, 18 Sep 2024 09:41:55 GMT content-type application/javascript last-modified Mon, 19 Aug 2024 10:22:33 GMT vary Accept-Encoding server cloudflare
GET H2	200	css fonts.googleapis.com/	5 KB 1012 B	97ms 31ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:300,400,600 Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/css/app.css?id=94a5e6aad1be3a6002f5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 62be2da7636f50d9ef024b1a73e637a6c6d8b8df62a23a3eb204e92279bc49e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 18 Sep 2024 09:41:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Sep 2024 09:41:54 GMT content-type text/css; charset=utf-8 last-modified Wed, 18 Sep 2024 08:14:53 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	gtm.js Show response www.googletagmanager.com/	335 KB 111 KB	106ms 42ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MNDH22H Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 59d0fbb450fff87c504b7d7c039329b17e3e2a5d8a282e9439972170fabb2b71 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers content-encoding br expires Wed, 18 Sep 2024 09:41:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Sep 2024 09:41:55 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 18 Sep 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin * content-length 113638 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	ate-background-1920-x-1080.jpg livebuzz.blob.core.windows.net/livebuzz-production/clarion-events/world-energy-capital-assembly-2024/campaign/2a718ec2-fd70-11ee-8164-000000000000/	489 KB 490 KB	61ms 52ms	Image image/jpeg	20.209.89.129 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://livebuzz.blob.core.windows.net/livebuzz-production/clarion-events/world-energy-capital-assembly-2024/campaign/2a718ec2-fd70-11ee-8164-000000000000/ate-background-1920-x-1080.jpg?v=1714657477 Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/css/app.css?id=94a5e6aad1be3a6002f5 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.209.89.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 912524b174493552f2f94187a189734fb2f237f588417def315b42105d051352 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers Content-MD5 Iqi8zGeofYG0wlAlV/VhzA== x-ms-blob-type BlockBlob x-ms-version 2009-09-19 x-ms-lease-status unlocked ETag 0x8DC6AAE02705A97 x-ms-request-id 6feda8de-a01e-002c-05ae-09ec69000000 Content-Length 500840 Date Wed, 18 Sep 2024 09:41:54 GMT Content-Type image/jpeg Last-Modified Thu, 02 May 2024 13:44:37 GMT Vary Origin Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	87ms 21ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNDH22H Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 content-encoding gzip age 1313 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Wed, 18 Sep 2024 11:20:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 date Wed, 18 Sep 2024 09:20:02 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript server Golfe2 vary Accept-Encoding
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	225 KB 58 KB	52ms 21ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash 0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Wed, 18 Sep 2024 09:41:55 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4412, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug uv8FUjGP8MSKmJ78s6m0W1wLv8jYaMGZsLNUUYwgcZJENaJZ8P5Xis07NzOL/ZABkUKaOe6RDFbCfwTlkspMrA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 58953 x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	js Show response www.googletagmanager.com/gtag/	130 KB 49 KB	33ms 32ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=TAG_ID Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNDH22H Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5f406542c304d303aa2136266aae41eedf8565ad67b491a719e8b19bd51672a3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers content-encoding br expires Wed, 18 Sep 2024 09:41:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Sep 2024 09:41:55 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 18 Sep 2024 09:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin * content-length 50444 x-xss-protection 0 server Google Tag Manager
GET H2	200	webfa-brands-400.woff2 weca-2024.reg.buzz/fonts/vendor/@fortawesome/fontawesome-free/	115 KB 115 KB	64ms 64ms	Font application/octet-stream	2606:4700:10::ac43:1a94 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weca-2024.reg.buzz/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?b55b1345f0b919f0cab774ec25d6654e Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/css/app.css?id=94a5e6aad1be3a6002f5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1a94 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://weca-2024.reg.buzz Referer https://weca-2024.reg.buzz/css/app.css?id=94a5e6aad1be3a6002f5 Response headers cache-control max-age=86400 cf-cache-status HIT etag "66c31ce9-1cc5c" cf-ray 8c50620cadc59019-FRA accept-ranges bytes content-length 117852 date Wed, 18 Sep 2024 09:41:55 GMT content-type application/octet-stream last-modified Mon, 19 Aug 2024 10:22:33 GMT vary Accept-Encoding server cloudflare
GET H2	200	collect www.google-analytics.com/	35 B 194 B	23ms 22ms	Image image/gif	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=598176509&t=pageview&_s=1&dl=https%3A%2F%2Fweca-2024.reg.buzz%2Finvestor-guest%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dweca24-adi-guesting&ul=de-de&de=UTF-8&dt=World%20Energy%20Capital%20Assembly%202024%20Registration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAAABAAAAAAAAIk~&cid=632056353.1726652515&tid=UA-88167265-1&_gid=2027061212.1726652515&gtm=45He4990n81MNDH22Hv78319287za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=0&npa=1&z=975009521 Requested by Host: weca-2024.reg.buzz URL: https://weca-2024.reg.buzz/investor-guest?utm_source=pardot&utm_medium=email&utm_campaign=weca24-adi-guesting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache age 77095 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 date Tue, 17 Sep 2024 12:17:00 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type image/gif server Golfe2
GET H3	200	993230984174328 Show response connect.facebook.net/signals/config/	66 KB 13 KB	221ms 220ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/993230984174328?v=2.9.167&r=stable&domain=weca-2024.reg.buzz&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash f96a7826bd8b52c40a067593396973b785e621f73029f3723cd19f67507313f3 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Wed, 18 Sep 2024 09:41:55 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=74, mss=1232, tbw=67114, tp=63, tpl=0, uplat=198, ullat=0 pragma public x-fb-debug TK0ss5suBXfuKyAJjo2hoVFcg3/rqFs/v7+uoo2YfomDaOEhgEi4tbjb5ZO2Ivb4or1ARj/SqWhlRlNsWbgPkA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H/1.1	200 OK	favicon.png livebuzz.blob.core.windows.net/livebuzz-production/clarion-events/world-energy-capital-assembly-2024/campaign/2a718ec2-fd70-11ee-8164-000000000000/	341 B 758 B	36ms 35ms	Other image/png	20.209.89.129 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://livebuzz.blob.core.windows.net/livebuzz-production/clarion-events/world-energy-capital-assembly-2024/campaign/2a718ec2-fd70-11ee-8164-000000000000/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.209.89.129 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 09267545fecede84f85dc266492d0927a39c6cb3c83ae73bec95f7b228f79354 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers Content-MD5 OPoWrS1yRS59L7wOywCpsw== x-ms-blob-type BlockBlob x-ms-version 2009-09-19 x-ms-lease-status unlocked ETag 0x8DC75806948376A x-ms-request-id 6fedad0e-a01e-002c-7aae-09ec69000000 Content-Length 341 Date Wed, 18 Sep 2024 09:41:55 GMT Content-Type image/png Last-Modified Thu, 16 May 2024 08:15:56 GMT Vary Origin Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
GET H2	200	/ www.facebook.com/tr/	0 274 B	68ms 21ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?batch=1&events[0]=id%3D993230984174328%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fweca-2024.reg.buzz%252Finvestor-guest%253Futm_source%253Dpardot%2526utm_medium%253Demail%2526utm_campaign%253Dweca24-adi-guesting%26rl%3D%26if%3Dfalse%26ts%3D1726652515546%26sw%3D1600%26sh%3D1200%26v%3D2.9.167%26r%3Dstable%26ec%3D0%26o%3D12318%26fbp%3Dfb.1.1726652515545.407154470572912316%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1726652515311%26coo%3Dfalse%26exp%3Df1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Wed, 18 Sep 2024 09:41:55 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	230ms 183ms	Image image/png	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=993230984174328&ev=PageView&dl=https%3A%2F%2Fweca-2024.reg.buzz%2Finvestor-guest%3Futm_source%3Dpardot%26utm_medium%3Demail%26utm_campaign%3Dweca24-adi-guesting&rl=&if=false&ts=1726652515546&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726652515545.407154470572912316&ler=empty&cdl=API_unavailable&it=1726652515311&coo=false&exp=f1&rqm=FGET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://weca-2024.reg.buzz/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415916083940208941"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Wed, 18 Sep 2024 09:41:55 GMT content-type image/png vary Accept-Encoding x-fb-debug TfUa/SH1GlW7Ypm86niBv0NEsOpAWKpfQCLO+FoG3KsqzzY0NHiH9EkCVaAekvcc5J7mUu7wqiWbQ8Ex8pkjRw== x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415916083940208941", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1297, tbw=3091, tp=-1, tpl=-1, uplat=159, ullat=0 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer string| organization string| campaign string| environment string| csrfToken string| ip_country object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| webpackJsonp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| _ function| $ function| Vue function| axios function| moment function| swal function| Popper object| Ajax function| Form object| Message object| store object| Translations function| ResizeObserverObject object| eventBus object| html5 object| Buzz object| app function| gtag function| sendMessage function| resize function| isLoaded function| resetIdleWatcher object| gaplugins object| gaGlobal object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			weca-2024.reg.buzz/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 8bba50478165ab61af06399dd00d6c8a
			weca-2024.reg.buzz/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 8bba50478165ab61af06399dd00d6c8a
			weca-2024.reg.buzz/	1970-01-20 23:37:39	Name: XSRF-TOKEN Value: eyJpdiI6Inp5SWErSUxyK2VrQ3VkRk9JcytrTEE9PSIsInZhbHVlIjoicmtVNlVPMjVWSFpiSVVob0tnanNkaGVMWkExRFRnUlNSVXNERjNFRUpmNVJCVjRQME1JV0dxUDZ4Z0JXMDhoOSIsIm1hYyI6IjQ0ZDQ0OGNlM2UwMmYwYzI1MzZiYzllNjg4MzYyMjUwODYzYzJmMzJhNDdkZjlmMzQwZDcwMjcyMzc2MTQ3MzAifQ%3D%3D
			weca-2024.reg.buzz/	1970-01-20 23:37:39	Name: buzz_session Value: KEuJtUgsgF23J8ZDqCUPqNCw97D3AD4zadtGmnlw
			.reg.buzz/	1970-01-20 23:37:34	Name: __cf_bm Value: ppdS33Bs8T42nTYKuvCqV4tNsCTkGrP3QhgEUvt4Gbw-1726652514-1.0.1.1-M.sLfyegKlJ.nktVuMpoBQpXdr0.j6vs61ZxgsGUe4UO_PiiT_v1ZUll76hPwTvscwbz99llybuGj5hymGplnw
			.reg.buzz/	1970-01-21 01:47:08	Name: _fbp Value: fb.1.1726652515545.407154470572912316

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
livebuzz.blob.core.windows.net
weca-2024.reg.buzz
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.17.24.14
157.240.252.13
20.209.89.129
2606:4700:10::ac43:1a94
2a00:1450:4001:801::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200e
2a03:2880:f177:83:face:b00c:0:25de
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
00e9223b015b4ea97679ed8f90737a0ca94f261b7064cb4886f61960fe26e84e
09267545fecede84f85dc266492d0927a39c6cb3c83ae73bec95f7b228f79354
232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92
264a91cfd902adde9f3b41d3841879293a612f13fc5cb9719bb43a17fac738e3
2c031aede63ad0b867914a6292f754719c6ccad7aa8b087268344d9bf01f302a
349b12a83bbb7747d5029469c8b478d8f8e5d7ef5410c60b176de867fd735a45
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
59d0fbb450fff87c504b7d7c039329b17e3e2a5d8a282e9439972170fabb2b71
5b3c50f44e658218ff8f8ba62cb31173d04eb9af95080380b40125ba8aa81fbe
5f406542c304d303aa2136266aae41eedf8565ad67b491a719e8b19bd51672a3
62be2da7636f50d9ef024b1a73e637a6c6d8b8df62a23a3eb204e92279bc49e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836b1ebf2b8263d132233c10c6537d7c2bf68a8b277a5fb08a2305a679824281
85a4d3e745fcd5cf5740576c7536df4ba70505c5ee237138894c95f893cfb9a4
912524b174493552f2f94187a189734fb2f237f588417def315b42105d051352
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
d544a70295c68ab2afffa517e94ded7f8ff4cfe80d87cd31326d3d32a84b6fac
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f96a7826bd8b52c40a067593396973b785e621f73029f3723cd19f67507313f3